kilburn Wrote:The REAL solution regarding DNS hijacking is to separate the resolver from the DNS cache server (the one in /etc/resolv.conf). See http://cr.yp.to/djbdns/separation.html for reference.
I think this is done by what Raphael did: taking the 127.0.0.1 out of resolve.conf - well someone can put it back, but this is another problem...
What I mean: even if you separate the DNS thing, its possible to hijack mails for the domains since the configuration of the MTA says the domain is local (the MTA does not need to ask a DNS).
/Joximu